Set alerts for groups

Background / Value

Employees receive their access rights through group memberships. Especially sensitive groups grant access to secret folders and other important resources. AD Logga lets you actively monitor specific AD groups so that you receive an alert when new members are added.

 

Because groups in Active Directory can be nested, it is important to also monitor memberships that arise indirectly. For example: the group "secret data" is a member of the "C-Level" group, which is being monitored. The AD Logga alerts will notify you even if members are only added to the "secret data" group, since these users are also indirect members of the "C-Level" group.
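The nesting case above can be reproduced with a small model. This is an added example, not AD Logga code: it compares two constructed membership snapshots and shows that watching only direct members of "C-Level" misses a user added to "secret data". The function names and the user names are assumptions made for the illustration.

```python
def effective_members(groups, root):
    """Return (direct_users, all_users) for `root`, following nested groups.

    `groups` maps a group name to the set of its member names. A member that
    is itself a key of `groups` is treated as a nested group. The `seen` set
    stops the walk on circular nesting, which Active Directory permits.
    """
    direct = {m for m in groups.get(root, ()) if m not in groups}
    users, seen, stack = set(), set(), [root]
    while stack:
        group = stack.pop()
        if group in seen:
            continue
        seen.add(group)
        for member in groups.get(group, ()):
            if member in groups:
                stack.append(member)   # nested group: descend into it
            else:
                users.add(member)      # user account: effective member
    return direct, users


def membership_alerts(before, after, monitored, include_indirect=True):
    """Compare two snapshots and list new members of each monitored group."""
    alerts = []
    for group in monitored:
        old_direct, old_all = effective_members(before, group)
        new_direct, new_all = effective_members(after, group)
        added_direct = new_direct - old_direct
        for user in sorted(added_direct):
            alerts.append((group, user, "direct"))
        if include_indirect:
            for user in sorted((new_all - old_all) - added_direct):
                alerts.append((group, user, "indirect"))
    return alerts


# Constructed snapshots: group names follow the example above, users are invented.
BEFORE = {"C-Level": {"ceo", "secret data"}, "secret data": {"cfo"}}
AFTER = {"C-Level": {"ceo", "secret data"}, "secret data": {"cfo", "intern"}}

if __name__ == "__main__":
    # Direct-only monitoring of "C-Level" reports nothing for this change.
    print(membership_alerts(BEFORE, AFTER, ["C-Level"], include_indirect=False))
    # Direct and indirect monitoring reports the new effective member.
    print(membership_alerts(BEFORE, AFTER, ["C-Level"]))
```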

 

Related features

Set alerts for user accounts

Manage alerts

 

Step-by-step process

  1. Use the search to find the desired group.
  2. Right-click on the group and select "Create alert" from the context menu.

 

  1. Enter a title for the alert.
  2. Select whether only direct membership changes, or both direct and indirect membership changes (recommended), trigger an alert.

  1. Choose Actions.
    Here you specify which actions are executed when an alert is triggered. You must activate at least one action.
  2. Activate the option if an email should be sent in case of an alert.

The content of the emails can be customized, in the same way as the recertification emails.

  1. The alert is written to the Windows Event Log. The categorization is used. This option is especially useful if you are using a SIEM system.
  2. Enable the execution of a script. To activate this option, a script configuration for alerts must be stored.